General
Target: 6945b1b6375202378fe90f17235f0d00_exe32.exe
Size: 1.1MB
Sample: 231015-yczjyscb21
MD5: 6945b1b6375202378fe90f17235f0d00
SHA1: ac27b9609a00c94dce5129eaa8c65eacb899e984
SHA256: 569a977023b8a9fb2fa761343ff88f7091a2ebef77293d0333a91a12e1225448
SHA512: 13e5744c37c7dddfcd564b2b83c5c75b47e05f2a530d37b9291f80f8e2a235bcbf0b344a4497c039f5e04db4ffac8007f47d4cb9afedb825b17e176c7bde16d2
SSDEEP: 24576:pyaf7VikDptRWix52Fw/gn0u2c2eXOtPbEMbkZy9VuK:caf7V7Rnx52Fw/HcjetPvkZy9
Static task: static1
Behavioral task: behavioral1
  Sample: 6945b1b6375202378fe90f17235f0d00_exe32.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 6945b1b6375202378fe90f17235f0d00_exe32.exe
  Resource: win10v2004-20230915-en
Malware Config
Extracted: redline
  kukish
  77.91.124.55:19071
Targets
Score: 10/10
Signatures:
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext